rtr.IPSecSecurityAssociation (NSP Network Functions Manager

rtr
IPSecSecurityAssociation

This class represents the IP Sec Tunnel Security Association that is being defined by the operator when using Manual Keying.

Inheritance Hierarchy
- ManagedObject
  - rtr. IPSecSecurityAssociation

Parent Hierarchy
- netw.Network
  - netw.NetworkElement
    - rtr.VirtualRouter
      - rtr.NetworkInterface
        
        rtr.IPSecSecuredInterface
        
        rtr.RtrIPSecTunnel
        
        rtr.IPSecSecurityAssociation [[network]:[${systemAddress}]:[router-${*routingInstanceId}]:[ip-interface-${*id}]:[ipsec]:[ipscTnl-${tunnelName}]:[sa-${secPlcyEntryId}][idx-${index}][dir-${direction}]]
- service.ServiceManager
  - ies.Ies
    - ies.Site
      - ies.L3AccessInterface
        
        rtr.IPSecSecuredInterface
        
        rtr.RtrIPSecTunnel
        
        rtr.IPSecSecurityAssociation [svc-mgr:[service-${*id}]:[${siteId}][-switch-$%{ethernetSwitchCardPointer}]:[ip-interface-${*id}]:[ipsec]:[ipscTnl-${tunnelName}]:[sa-${secPlcyEntryId}][idx-${index}][dir-${direction}]]
  - vprn.Vprn
    - vprn.DVRSSite
      - vprn.L3AccessInterface
        
        rtr.IPSecSecuredInterface
        
        rtr.RtrIPSecTunnel
        
        rtr.IPSecSecurityAssociation [svc-mgr:[service-${*id}]:[${siteId}][-switch-$%{ethernetSwitchCardPointer}]:[ip-interface-${*id}]:[ipsec]:[ipscTnl-${tunnelName}]:[sa-${secPlcyEntryId}][idx-${index}][dir-${direction}]]
    - vprn.Site
      - vprn.L3AccessInterface
        
        rtr.IPSecSecuredInterface
        
        rtr.RtrIPSecTunnel
        
        rtr.IPSecSecurityAssociation [svc-mgr:[service-${*id}]:[${siteId}][-switch-$%{ethernetSwitchCardPointer}]:[ip-interface-${*id}]:[ipsec]:[ipscTnl-${tunnelName}]:[sa-${secPlcyEntryId}][idx-${index}][dir-${direction}]]

Children Hierarchy
- rtr.IPSecSecurityAssociation

Relationships
- many rtr.IPSecSecurityAssociations may be associated with ipsec.IPSecTransform (implied relationship)
- many rtr.IPSecSecurityAssociations may be direct children of one rtr.RtrIPSecTunnel (child-parent relationship)

IPSecSecurityAssociation

Relative Name=[[sa-${secPlcyEntryId}][idx-${index}][dir-${direction}]]

Displayed Name=IPsec Security Association

Properties
authAlgorithm	The value of AuthAlgorithm indicates the authentication algorithm used with this SA. type=ipsec.AuthAlgorithm access=read-only Displayed(tab/group)=Authentication Algorithm (Algorithms)
authenticationKey	The value of AuthenticationKey specifies the key used for the authentication algorithm defined by the Transform Algorithm in the IPsec transform indexed by TransformId. type=string access=read-create minimum=0 maximum=128 Mandatory on create Displayed(tab/group)=Authentication Key (/Key)
creationOrigin	type=svt.L2RouteOriginType access=read-create default=manual
direction	Specifies the direction on the IPsec tunnel to which this SA entry can be applied. This value is also part of the index for the table tmnxIPsecSATable. type=ipsec.SecurityAssociationDirection access=read-create default=1 Displayed(tab/group)=Direction
encrAlgorithm	The value of EncrAlgorithm indicates the encryption algorithm used with this SA. type=ipsec.EncryptionAlgorithm access=read-only Displayed(tab/group)=Encryption Algorithm (Algorithms)
encryptionKey	The value of EncryptionKey specifies the key used for the encryption algorithm defined by the Transform Algorithm in the IPsec transform indexed by TransformId. type=string access=read-create minimum=0 maximum=64 Mandatory on create Displayed(tab/group)=Encryption Key (/Key)
establishedTime	The value of EstablishedTime indicates the UTC date and time that the IPsec phase 2 negotiation completed. type=Date access=read-only Displayed(tab/group)=Established Time (Algorithms)
index	The value of index specifies an additional index to uniquely identify the SA entry in the MIB Table. type=long access=read-create default=1 minimum=1 maximum=1
interfaceId	type=long access=read-only default=0
interfaceName	type=string access=read-only default= maximum=252
keyTypeOption	type=ipsec.KeyType default=ascii Displayed(tab/group)=Key Type (/Key)
negotiatedLifeTime	The value of NegotiatedLifeTime indicates the lifetime negotiated for phase2 IKE key. type=long access=read-only Displayed(tab/group)=Negotiated Life-Time (Algorithms)
routerId	type=long access=read-only default=0
secPlcyEntryId	The Security Association ID. type=long access=read-create default=0 Displayed(tab/group)=Security Policy Entry
secPlcyId	type=long access=read-only default=0
siteId	type=string access=read-only default=0.0.0.0 maximum=50 Displayed(tab/group)=Site ID (/Site Information)
spi	The value of Spi specifies the SPI (Security Parameter Index) used to lookup the instruction to verify and decrypt the incoming IPsec packets when the value of Direction is 'inbound'. type=int access=read-create minimum=256 maximum=16383 Mandatory on create Displayed(tab/group)=SPI (/Key)
storageType	Specifies how the row is stored. Entries with StorageType of 'read-only' are dynamic SAs and are created by the IPsec sub-system and cannot be modified or destroyed. All the entries created by the user are manual SAs and will have the StorageType as 'nonVolatile'. type=aapolicy.AAStorageType access=read-only Displayed(tab/group)=Storage Type (Algorithms)
transformId	Identifies the transform entry that will be used by this SA entry. This identifier should be specified for all the entries created by the user which are manual SAs. If the value of Type is 'dynamic', then the value of TransformId is irrelevant and will be zero. type=long access=read-create default=0 Displayed(tab/group)=Transform (/Key)
tunnelName	The name of the tunnel on which this SA object resides. type=string access=read-only
type	Specifies whether this SA entry is created manually by the user or dynamically by the IPsec sub-system. type=ipsec.SecurityAssociationType access=read-only Displayed(tab/group)=Type

Properties

authAlgorithm

The value of AuthAlgorithm indicates the authentication algorithm used with this SA.

type=ipsec.AuthAlgorithm
access=read-only
Displayed(tab/group)=Authentication Algorithm (Algorithms)

authenticationKey

The value of AuthenticationKey specifies the key used for the authentication algorithm defined by the Transform Algorithm in the IPsec transform indexed by TransformId.

type=string
access=read-create
minimum=0
maximum=128
Mandatory on create
Displayed(tab/group)=Authentication Key (/Key)

creationOrigin

type=svt.L2RouteOriginType
access=read-create
default=manual

direction

Specifies the direction on the IPsec tunnel to which this SA entry can be applied. This value is also part of the index for the table tmnxIPsecSATable.

type=ipsec.SecurityAssociationDirection
access=read-create
default=1
Displayed(tab/group)=Direction

encrAlgorithm

The value of EncrAlgorithm indicates the encryption algorithm used with this SA.

type=ipsec.EncryptionAlgorithm
access=read-only
Displayed(tab/group)=Encryption Algorithm (Algorithms)

encryptionKey

The value of EncryptionKey specifies the key used for the encryption algorithm defined by the Transform Algorithm in the IPsec transform indexed by TransformId.

type=string
access=read-create
minimum=0
maximum=64
Mandatory on create
Displayed(tab/group)=Encryption Key (/Key)

establishedTime

The value of EstablishedTime indicates the UTC date and time that the IPsec phase 2 negotiation completed.

type=Date
access=read-only
Displayed(tab/group)=Established Time (Algorithms)

index

The value of index specifies an additional index to uniquely identify the SA entry in the MIB Table.

type=long
access=read-create
default=1
minimum=1
maximum=1

interfaceId

type=long
access=read-only
default=0

interfaceName

type=string
access=read-only
default=
maximum=252

keyTypeOption

type=ipsec.KeyType
default=ascii
Displayed(tab/group)=Key Type (/Key)

negotiatedLifeTime

The value of NegotiatedLifeTime indicates the lifetime negotiated for phase2 IKE key.

type=long
access=read-only
Displayed(tab/group)=Negotiated Life-Time (Algorithms)

routerId

type=long
access=read-only
default=0

secPlcyEntryId

The Security Association ID.

type=long
access=read-create
default=0
Displayed(tab/group)=Security Policy Entry

secPlcyId

type=long
access=read-only
default=0

siteId

type=string
access=read-only
default=0.0.0.0
maximum=50
Displayed(tab/group)=Site ID (/Site Information)

spi

The value of Spi specifies the SPI (Security Parameter Index) used to lookup the instruction to verify and decrypt the incoming IPsec packets when the value of Direction is 'inbound'.

type=int
access=read-create
minimum=256
maximum=16383
Mandatory on create
Displayed(tab/group)=SPI (/Key)

storageType

Specifies how the row is stored. Entries with StorageType of 'read-only' are dynamic SAs and are created by the IPsec sub-system and cannot be modified or destroyed. All the entries created by the user are manual SAs and will have the StorageType as 'nonVolatile'.

type=aapolicy.AAStorageType
access=read-only
Displayed(tab/group)=Storage Type (Algorithms)

transformId

Identifies the transform entry that will be used by this SA entry. This identifier should be specified for all the entries created by the user which are manual SAs. If the value of Type is 'dynamic', then the value of TransformId is irrelevant and will be zero.

type=long
access=read-create
default=0
Displayed(tab/group)=Transform (/Key)

tunnelName

The name of the tunnel on which this SA object resides.

type=string
access=read-only

type

Specifies whether this SA entry is created manually by the user or dynamically by the IPsec sub-system.

type=ipsec.SecurityAssociationType
access=read-only
Displayed(tab/group)=Type

Properties inherited from ManagedObject
actionMask, children-Set, deploymentState, isFaultSquelched, name, objectFullName, selfAlarmed

Properties inherited from ManagedObject

actionMask, children-Set, deploymentState, isFaultSquelched, name, objectFullName, selfAlarmed

Supported Network Elements
7750 SR	Supported from 19.7.R1 Excluded chassis types: 7750-SR12, 7750-SR24, 7750-SR4, 7750-SR1, 7750-SR7, 7750-SRc12, 7750-SRc4, 7750-SR12e, 7750-SRa4, 7750-SRa8, 7750 SR-1e, 7750 SR-2e, 7750 SR-3e, ES 7750 SRc4, TS 7750 SRc4, 7750-SR1 Fixed CFM, 7750 SR-1x-48D, 7750 SR-1-48D, 7750 SR-1-24D, 7750 SR-1x-92S, 7750 SR-1-92S, 7750 SR-1-46S, 7750 SR-7s, 7750 SR-1s, 7750 SR-1se, 7750 SR-2s, 7750 SR-14s
7705 SAR Gen 2
7705 SAR Hm	Supported from 19.7.R1

Supported Network Elements

7750 SR

Supported from 19.7.R1

Excluded chassis types: 7750-SR12, 7750-SR24, 7750-SR4, 7750-SR1, 7750-SR7, 7750-SRc12, 7750-SRc4, 7750-SR12e, 7750-SRa4, 7750-SRa8, 7750 SR-1e, 7750 SR-2e, 7750 SR-3e, ES 7750 SRc4, TS 7750 SRc4, 7750-SR1 Fixed CFM, 7750 SR-1x-48D, 7750 SR-1-48D, 7750 SR-1-24D, 7750 SR-1x-92S, 7750 SR-1-92S, 7750 SR-1-46S, 7750 SR-7s, 7750 SR-1s, 7750 SR-1se, 7750 SR-2s, 7750 SR-14s

7705 SAR Gen 2

7705 SAR Hm

Supported from 19.7.R1

rtr IPSecSecurityAssociation

rtr
IPSecSecurityAssociation